
RevEng.AI has secured $15 million in Series A funding led by the NATO Innovation Fund to help organisations verify the integrity of AI-generated and open-source software by analysing compiled binaries for hidden threats and supply chain risks.
RevEng.AI has raised $15 million in Series A funding to expand its binary-level software verification platform designed to detect hidden threats inside AI-generated, open-source, and third-party software. The funding round was led by the NATO Innovation Fund, with participation from Sands Capital, In-Q-Tel, IQ Capital, and Episode One.
The London-based cybersecurity startup focuses on analysing compiled binaries, executables, and firmware directly without requiring access to source code. The company positions the technology as a response to growing software supply chain risks emerging from AI-generated applications, open-source dependencies, contractor-developed software, and third-party libraries.
According to the company, traditional cybersecurity tools largely focus on source code repositories and package metadata, leaving the compiled software running on production systems difficult to inspect. RevEng.AI instead treats compiled binaries as the “final source of truth” for software verification.
Its platform is designed to identify hidden components, malicious functionality, vulnerabilities, suspicious release changes, unexpected behaviours, and software supply chain risks embedded inside executables.
The company said the rise of autonomous AI coding agents is creating an environment where organisations may deploy software without fully understanding all generated dependencies or behaviours. RevEng.AI’s foundational AI model, BinNet, reportedly trained alongside allied government cyber units and commercial security teams, automates reverse engineering tasks traditionally handled by specialised experts.
The technology is aimed at sectors including healthcare, finance, energy, transportation, manufacturing, and defence, where hidden vulnerabilities inside software supply chains can create large-scale operational risks.